{"uuid": "da472951-fb4b-4b2e-b805-c031bc2faab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29993", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9035", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29993\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The affected versions of PowerCMS allow HTTP header injection. This vulnerability can be leveraged to direct the affected product to send email with a tampered URL, such as password reset mail.\n\ud83d\udccf Published: 2025-03-27T09:06:53.028Z\n\ud83d\udccf Modified: 2025-03-27T09:06:53.028Z\n\ud83d\udd17 References:\n1. https://www.powercms.jp/news/release-powercms-661-528-459.html\n2. https://jvn.jp/en/jp/JVN39026557/", "creation_timestamp": "2025-03-27T09:26:57.000000Z"}